As the use of server-based computing services (e.g., so-called “cloud” computing) becomes more prevalent, the security of the servers employed to provide those services becomes increasingly important. Also, the types of services provided by such servers have increased in variety. As a result, efforts by those seeking unauthorized access to such services provided to others and to the servers that provide those services (e.g., so-called “hacking” or “cyber attacks”) have increased in number and changed in character.
Early efforts at compromising the security of such servers focused largely on compromising specific applications software employed by servers to provide a specific type or range of services. By way of example, such early efforts focused on compromising the database maintenance application, the search engine application, the data archiving application, the monetary or financial transaction application, etc. executed by a processor of a server to provide a specific type of service. The goal was often to gain access to sensitive data by compromising the security of the application that handles it.
However, more recent efforts at compromising the security of servers have focused more on compromising operating system or other core software employed in providing the more basic functionality of the server itself. Among such core software to become a more recent prevalent target is the virtual machine monitor (VMM) that creates and maintains the separate virtual machines for different accounts atop which customers employing the services of such servers may cause the execution of any of a variety of different applications software or combinations of applications software.
In response to this changing security threat, various pieces of VMM software have been devised to constantly watch each virtual machine active on a server for indications of having been compromised and/or of other issues. However, the efforts to compromise the virtual machines have continued to become more sophisticated, and now include efforts to compromise the VMM software itself. It is with respect to these and other considerations that the embodiments described herein are needed.